<?php
session_start();
header('Content-Type: text/html; charset=UTF-8');
require ("sql.php");
if ( !$_SESSION['user_id'] )
{ 
echo "Bạn chưa đăng nhập! <a href='login.php'>Nhấp vào đây để đăng nhập</a> "; 
}
else{
$user_id = ($_SESSION['user_id']);
$sql_query = @mysql_query("SELECT * FROM user WHERE tai_khoan='{$user_id}'");
$user = @mysql_fetch_array( $sql_query ); 
?>
 <?php if ($user['admin']=="3") echo" <a> bạn không có quyền truy cập vào trang này</a>";
else { ?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>DANH SÁCH HỌC SINH</title>
</head>

<?php 

mysql_query("SET NAMES 'utf8'");

?>
<body>
<a style="float:right" href="index.php">Quay lại trang chủ</a>
<div style="margin-left:400px;"><h2>DANH SÁCH HỌC SINH</h2></div>
<div style="margin-left:400px;">
<form id='form1' name='form1' method="post" action="dshs.php">
Lớp: <input type="text" name="class" style="width:100px;"/>
<input type="submit" value="Xem" />
</form>
</div>
<?php
	
	echo"</br>";
	echo"<table width='1000' border='2' align='center' cellpadding='1' cellspacing='5'>";
    echo"<tr>";
	echo"<td width='40'>Mã học sinh </td>";
    echo" <td width='55'>Họ tên </td>";
	echo"<td width='64'>Phái </td>";
	echo"<td width='55'>Nơi Sinh</td>"; 
    echo" <td width='40'>Lớp</td>"; 
    echo"</tr>";
if($_POST!=null)
if($_POST['class'] != null)
{	
$lop = $_POST["class"];
$result=mysql_query("SELECT * FROM hs where m_lop='{$lop}'");
	while ($row =mysql_fetch_row($result))
	{
	//$row1=mysql_fetch_row($result1);
	$ten=$row[1];
	$m_hs=$row[0];
	$phai=$row[2];
	$ngay_sinh=$row[3];
	$noi_sinh=$row[4];
    echo"<tr>";
    echo"<td width='64'>$m_hs</td>";
	echo"<td width='64'>$ten</td>";
    echo"<td width='64'>$phai</td>";
	echo"<td width='64'>$ngay_sinh</td>";
	echo"<td width='64'>$noi_sinh</td>";
    echo"</tr>";
	}
}
	echo"</table>";
?>

</body>
</html>
<?php } 

} ?>